codeql

mirror of https://github.com/github/codeql.git synced 2026-02-15 22:43:43 +01:00

Author	SHA1	Message	Date
Benjamin Muskalla	8ce841493c	Avoid taint for valueOf(Object)	2021-08-03 14:46:55 +02:00
ihsinme	a1755b0b53	Update OperatorPrecedenceLogicErrorWhenUseBitwiseOrLogicalOperations.ql	2021-08-03 15:42:59 +03:00
ihsinme	e5c30c2edf	Update OperatorPrecedenceLogicErrorWhenUseBitwiseOrLogicalOperations.ql	2021-08-03 15:29:51 +03:00
Anders Schack-Mulligen	c0d76da1a6	Merge pull request #5846 from atorralba/atorralba/promote-unsafe-android-webview-fetch Java: Promote Unsafe resource loading in Android WebView from experimental	2021-08-03 14:24:34 +02:00
Tony Torralba	f5cbec4938	Fix tests affected by Jackson stubs changes	2021-08-03 14:22:55 +02:00
Anders Schack-Mulligen	fb9feabe64	Merge pull request #6062 from atorralba/atorralba/promote-groovy-injection Java: Promote Groovy Code Injection from experimental	2021-08-03 14:19:15 +02:00
ihsinme	4f09545f24	Update OperatorPrecedenceLogicErrorWhenUseBitwiseOrLogicalOperations.ql	2021-08-03 15:12:39 +03:00
ihsinme	15e76d1a98	Update cpp/ql/src/experimental/Security/CWE/CWE-783/OperatorPrecedenceLogicErrorWhenUseBitwiseOrLogicalOperations.ql Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>	2021-08-03 15:11:22 +03:00
Mathias Vorreiter Pedersen	43044cd475	Merge pull request #6081 from ihsinme/ihsinme-patch-273 CPP: Add a query to find incorrectly used switch	2021-08-03 13:16:45 +02:00
Tony Torralba	a33e0bce9d	Fix tests affected by Jackson stubs changes	2021-08-03 13:15:45 +02:00
Anders Schack-Mulligen	ad86641e22	Merge pull request #6216 from smowton/smowton/admin/serializability-dataflow Create a dataflow instance specifically for the Serializability library	2021-08-03 13:03:49 +02:00
Tony Torralba	c44de87503	Fix reference to PostUpdateNode	2021-08-03 12:45:12 +02:00
Nick Rolfe	78b64dad71	Merge pull request #244 from github/script_cleanup Tidy up shell scripts	2021-08-03 11:27:32 +01:00
Nick Rolfe	52ecc2c152	fix path to create-extractor-pack.sh	2021-08-03 11:14:23 +01:00
Tom Hvitved	ee51e1593f	Merge pull request #6217 from hvitved/csharp/dataflow/csv-override-fix C#: Fix CSV overrides logic	2021-08-03 12:11:26 +02:00
Chris Smowton	36379146c5	Resync dataflow clone	2021-08-03 11:03:30 +01:00
Joe Farebrother	a4659f4e96	Exclude package protected members	2021-08-03 10:51:39 +01:00
Chris Smowton	afa827829a	Make imports private where possible Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2021-08-03 10:36:46 +01:00
Chris Smowton	a52c4746bc	Improve docs	2021-08-03 10:36:46 +01:00
Chris Smowton	75310a6609	Create a dataflow instance specifically for the Serializability library Otherwise because this dataflow instance populates AdditionalTaintStep there is an ever-present danger that a user will stumble into creating a recursive configuration, or at least that by using DataFlow5::Configuration for any other purpose they will needlessly recalculate the Serializability dataflow results.	2021-08-03 10:36:46 +01:00
Chris Smowton	f83f950be6	Merge pull request #6325 from smowton/smowton/feature/org-json-models Java: add models of JSON-java, aka `org.json`	2021-08-03 10:33:49 +01:00
Mathias Vorreiter Pedersen	3a456577d8	Merge pull request #6378 from geoffw0/impropnull C++: Test and improve cpp/improper-null-termination	2021-08-03 11:32:15 +02:00
CodeQL CI	07f6ce7f3b	Merge pull request #6398 from erik-krogh/authHeader Approved by esbena	2021-08-03 02:04:35 -07:00
CodeQL CI	394d3349ac	Merge pull request #6213 from asgerf/js/vuex Approved by erik-krogh	2021-08-03 01:49:06 -07:00
Geoffrey White	bb96ca3e00	Merge branch 'main' into impropnull	2021-08-03 09:37:58 +01:00
Anders Schack-Mulligen	62adefb015	Merge pull request #6400 from github/workflow/coverage/update Update CSV framework coverage reports	2021-08-03 10:36:27 +02:00
Geoffrey White	db292287db	Merge branch 'main' into impropnull	2021-08-03 09:34:16 +01:00
Tony Torralba	084cda6daa	Merge branch 'main' into atorralba/promote-groovy-injection	2021-08-03 09:53:46 +02:00
Tony Torralba	36565802dc	Delete unnecesary file RequestForgery.expected in experimental was an artifact from a merge that wasn't adequately removed	2021-08-03 09:48:04 +02:00
Tony Torralba	8852f69d36	Apply suggestions from code review Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2021-08-03 09:46:32 +02:00
CodeQL CI	a27cb4b1ae	Merge pull request #6399 from erik-krogh/nunjucks Approved by esbena	2021-08-03 00:45:37 -07:00
Erik Krogh Kristensen	f1f44ceee7	add change-note	2021-08-03 09:11:27 +02:00
Erik Krogh Kristensen	6b579dfad3	normalize auth-headers to lowercase	2021-08-03 09:09:47 +02:00
Erik Krogh Kristensen	116679d8b6	simplify `union`	2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen	8f613b6b16	rename seq to visitSequence	2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen	e56e56c14e	use `Collection` instead of `Iterable`	2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen	1479376f23	rename `visit` to `visitWithSuccessors` to avoid ambiguity	2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen	4289875747	make utility methods static	2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen	94a593b208	rename `entry` and `exit` to `getEntryNode` and `getExitNode` respectively	2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen	366a16f700	rename the `V` class to WriteSuccessorsVisitor	2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen	c059ceaee9	add qldoc to `union(xs, ys)`	2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen	8db10aeb9d	add JavaDoc to `createIterable` and `createReversedIterable`	2021-08-03 08:59:33 +02:00
Erik Krogh Kristensen	8fdcd917ee	rename `foreach` and `hcaerof` to `createIterable` and `createReversedIterable` respectively	2021-08-03 08:59:32 +02:00
Erik Krogh Kristensen	014728a66a	implement `hcaerof` in terms of `foreach`	2021-08-03 08:59:32 +02:00
Erik Krogh Kristensen	ca26b5ebbc	rename `succ` to `writeSuccessor`/`writeSuccessors`	2021-08-03 08:59:32 +02:00
Asger Feldthaus	c88d213f37	JS: Use appendToNamespace	2021-08-03 08:52:19 +02:00
Asger Feldthaus	f5f255d93d	JS: Rename getPrefix -> getNamespace	2021-08-03 08:51:35 +02:00
Asger F	ff17d298b0	Apply suggestions from code review Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2021-08-03 08:45:56 +02:00
github-actions[bot]	cd65baf481	Add changed framework coverage reports	2021-08-03 00:07:34 +00:00
Ethan Palm	2c6977e5e2	Merge pull request #6327 from ethanpalm/cwe-coverage-tables CodeQL: Display CWE coverage information by language	2021-08-02 18:00:01 -04:00

... 196 197 198 199 200 ...

36554 Commits